On Fri, 2022-03-11 at 11:23 +0200, Timo Lindfors wrote: > Hi, > > On Fri, 11 Mar 2022, Łukasz Hawryłko wrote: > > In few words - when multiple SINITs is loaded, there is a chance that > > one (or more) of them will be overwritten by some TBOOT data structures > > that have hardcoded addresses. In most cases it is memory log, but this > > is not a rule. > > This sounds annoying indeed. Would it help if we could somehow embed > or append the SINIT modules to tboot.gz itself? I'm trying to make the > technology as easy to use and robust as possible. Being able to use e.g. > the same Live CD on all pieces of hardware would be a huge win. >
That could help, but I can't give you a definite answer. There is also a risk that bigger tboot.gz will cause some other memory corruption errors. Keep in mind that besides tboot.gz and SINITs, GRUB loads also kernel image and initrd. The best way to fix all possible problems is to instruct GRUB not to load anything in memory regions occupied by tboot's hardcoded structures. I see that you have quite complex environment for testing tboot, if I find my old GRUB patch and prepare patch for tboot that combined should fix the issue, will you be able to run tests? Thanks, Lukasz _______________________________________________ tboot-devel mailing list tboot-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tboot-devel
